[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: sysctl to disable protocol stack
Date: Wed, 9 Dec 2009 09:31:12 -0500 (EST)
From: der Mouse <mouse%Rodents-Montreal.ORG@localhost>
| You can get most of the way there by writing it the enabled way and
| then just inverting the bit when you go to actually check the domain
| struct. Then all the interfaces are written for "enabled", except for
| the one that, as you point out, kinda has to be 0==enabled.
That would work if sysctl() has some magic "invert the value when setting
and fetching" flag (maybe it does, I admit I didn't look that closely).
The code in the patch is (for most of what is needed) all there is,
there's no missing support code, you can take what I sent, apply it
to a current kernel (at least, a current kernel of a day or so ago)
and compile, run, and use it (a few things, like netstat for example
I think, don't hide the disabled protocol (ifconfig does), and the
SIOCGIFCONF ioctl still returns disabled af's, and the ioctl's for
setting addresses still work (but as normally only ifconfig does those,
most people won't see that one, ifconfig does the "right" thing, without
touching it...) testing most of the parts I didn't send requires more
effort, so I need to put this in a kernel I can actually run and use
(which is neither the 3 beta it was designed for, I think, nor current)
so I can complete the missing parts.
There's absolutely no code there related to setting values in the domain
struct, sysctl does all of that (and that's the way it always will be.)
Sure, the kernel internally could test for enabled, instead of disabled,
by masking against (~dp->dom_disabled), but I really don't see the point
of that if the external user interface is "0 means enabled and 1 means
disabled", and unless sysctl has some invert flag I don't know about,
that's what the user interface would be.
Main Index |
Thread Index |